diff --git a/lib/calcms/auth.pm b/lib/calcms/auth.pm index 18af258..f62b851 100644 --- a/lib/calcms/auth.pm +++ b/lib/calcms/auth.pm @@ -3,7 +3,7 @@ package auth; use warnings "all"; use strict; -use CGI; +use CGI::Simple(); use CGI::Session qw(-ip-match); use CGI::Cookie(); @@ -21,22 +21,24 @@ my $debug = 0; sub debug; +#TODO: remove CGI sub get_user { - my $cgi = shift; my $config = shift; - - my %parms = $cgi->Vars(); - my $parms = \%parms; + my $params = shift; + my $cgi = shift; debug("get_user") if ($debug); # login or logout on action - if ( defined $parms->{action} ) { - if ( $parms->{action} eq 'login' ) { - my $user = login( $cgi, $config, $parms->{user}, $parms->{password} ); + if ( defined $params->{action} ) { + if ( $params->{action} eq 'login' ) { + my $user = login( $config, $params->{user}, $params->{password} ); + $cgi = new CGI::Simple() unless defined $cgi; + $cgi->delete( 'user', 'password', 'uri', 'action' ); return $user; - } elsif ( $parms->{action} eq 'logout' ) { + } elsif ( $params->{action} eq 'logout' ) { + $cgi = new CGI::Simple() unless defined $cgi; logout($cgi); $cgi->delete( 'user', 'password', 'uri', 'action' ); return undef; 
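Review bot: In the login branch of get_user the plaintext password stays in the caller's `$params` hash after `login()` returns, because `$cgi->delete( 'user', 'password', 'uri', 'action' )` only clears the CGI::Simple object (possibly one created on the spot) and not the hash the function now receives. The calling scripts keep using that hash after the call (for example `$params->{studio_id}` in event_history.cgi), so unless a caller needs the value, add `delete $params->{password};` right after the `login(...)` call. The two `new CGI::Simple()` calls use indirect object syntax; `CGI::Simple->new()` parses unambiguously. get_user's body continues in the next hunk.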
@@ -44,20 +46,20 @@ sub get_user { } # read session id from cookie - my $session_id = read_cookie($cgi); + my $session_id = read_cookie(); # login if no cookie found - return show_login_form( $parms->{user}, 'Please login' ) unless defined $session_id; + return show_login_form( $params->{user}, 'Please login' ) unless defined $session_id; # read session my $session = read_session($session_id); # login if user not found - return show_login_form( $parms->{user}, 'unknown User' ) unless defined $session; + return show_login_form( $params->{user}, 'unknown User' ) unless defined $session; - $parms->{user} = $session->{user}; - $parms->{expires} = $session->{expires}; - debug( $parms->{expires} ); + $params->{user} = $session->{user}; + $params->{expires} = $session->{expires}; + debug( $params->{expires} ); return $session->{user}, $session->{expires}; } @@ -76,7 +78,6 @@ sub crypt_password { } sub login { - my $cgi = shift; my $config = shift; my $user = shift; my $password = shift; @@ -94,13 +95,14 @@ sub login { $timeout = '+' . $timeout . 'm'; my $session_id = create_session( $user, $password, $timeout ); - return $user if ( create_cookie( $cgi, $session_id, $timeout ) ); + return $user if create_cookie( $session_id, $timeout ); return undef; } +#TODO: remove cgi sub logout { my $cgi = shift; - my $session_id = read_cookie($cgi); + my $session_id = read_cookie(); debug("logout") if ($debug); unless ( delete_session($session_id) ) { return show_login_form( 'Cant delete session', 'logged out' ); 
@@ -116,44 +118,34 @@ sub logout { #read and write data from browser, http://perldoc.perl.org/CGI/Cookie.html sub create_cookie { - my $cgi = shift; my $session_id = shift; my $timeout = shift; - #debug("create_cookie")if ($debug); - my $cookie = CGI::Cookie->new( -name => 'sessionID', -value => $session_id, -expires => $timeout, - - # -domain => '.capricorn.com', - # -path => '/agenda/admin/', - -secure => 1 + -secure => 1 ); print "Set-Cookie: ", $cookie->as_string, "\n"; print STDERR "#Set-Cookie: ", $cookie->as_string, "\n"; - # print $cgi->header( -cookie => $cookie ); return 1; } sub read_cookie { - my $cgi = shift; - debug("read_cookie") if ($debug); my %cookie = CGI::Cookie->fetch; debug( "cookies: " . Dumper( \%cookie ) ) if ($debug); my $cookie = $cookie{'sessionID'}; debug( "cookie: " . $cookie ) if ($debug); - return undef unless defined $cookie ; + return undef unless defined $cookie; my $session_id = $cookie->value || undef; debug( "sid: " . $session_id ) if ($debug); return $session_id; - - #return $cgi->cookie('sessionID') || undef; } +#TODO: remove CGI sub delete_cookie { my $cgi = shift; @@ -179,7 +171,6 @@ sub create_session { $session->param( "user", $user ); $session->param( "pid", $$ ); - # $session->param("password", $password); return $session->id(); } diff --git a/lib/calcms/markup.pm b/lib/calcms/markup.pm index 2d30522..e912d9e 100644 --- a/lib/calcms/markup.pm +++ b/lib/calcms/markup.pm @@ -7,6 +7,7 @@ use Text::WikiCreole(); use HTML::Parse(); use HTML::FormatText(); use Encode(); +use HTML::Entities(); use log(); @@ -498,5 +499,10 @@ sub encode_xml_element_text { return $text; } +sub escapeHtml{ + my $s=shift; + return HTML::Entities::encode_entities($s,q{&<>"'}); +} + #do not delete last line! 1; diff --git a/lib/calcms/params.pm b/lib/calcms/params.pm index b2ff79e..9360ccd 100644 --- a/lib/calcms/params.pm +++ b/lib/calcms/params.pm 
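Review bot: The session cookie in create_cookie is built with `-secure => 1` but without `-httponly => 1`, so page scripts can read `sessionID`; CGI::Cookie accepts `-httponly => 1` alongside the existing options. The unchanged line `print STDERR "#Set-Cookie: ", $cookie->as_string, "\n";` also writes every new session id to the server error log, where anyone with log access can read a valid session id. It should be dropped, or put behind `$debug` with the value masked. read_cookie logs the session id as well, but only when `$debug` is set.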
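Review bot: The new helper in markup.pm is declared as `escapeHtml`, but the add_comment.cgi hunk in this commit calls `markup::escapeHTML($s)`. Perl sub names are case-sensitive, so unless markup.pm defines `escapeHTML` outside the visible hunks, escape_text will die with an undefined-subroutine error on comment submission. Renaming the declaration to `sub escapeHTML {` (or the call to `markup::escapeHtml`) fixes it. A short comment such as `# HTML-escape & < > " ' for element text and quoted attribute values` would document which characters are covered. No `use markup();` is visible in the add_comment.cgi hunks, so confirm the module is loaded there.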
@@ -4,79 +4,77 @@ use warnings "all"; use strict; use Data::Dumper; -use CGI(); use Apache2::Request(); use base 'Exporter'; -our @EXPORT_OK = qw(get isJson); +our @EXPORT_OK = qw(get isJson); sub debug; my $isJson = 0; sub isJson { - return $isJson; + return $isJson; } sub get { - #get the Apache2::RequestRec - my $r = shift; + #get the Apache2::RequestRec + my $r = shift; - my $tmp_dir = '/var/tmp/'; - my $upload_limit = 1000 * 1024; + my $tmp_dir = '/var/tmp/'; + my $upload_limit = 1000 * 1024; - my $cgi = undef; - my $status = undef; - my $params = {}; + my $cgi = undef; + my $status = undef; + my $params = {}; - $isJson = 0; + $isJson = 0; - if ( defined $r ) { + if ( defined $r ) { - #print STDERR "Apache2::Request\n"; - #get Apache2::Request - my $req = Apache2::Request->new( $r, POST_MAX => $upload_limit, TEMP_DIR => $tmp_dir ); + #print STDERR "Apache2::Request\n"; + #get Apache2::Request + my $req = Apache2::Request->new( $r, POST_MAX => $upload_limit, TEMP_DIR => $tmp_dir ); - for my $key ( $req->param ) { - $params->{ scalar($key) } = scalar( $req->param($key) ); - } + for my $key ( $req->param ) { + $params->{ scalar($key) } = scalar( $req->param($key) ); + } - #copy params to hash - #my $body=$req->body(); - #if (defined $body){ - # for my $key (keys %$body){ - # $params->{scalar($key)}=scalar($req->param($key)); - # } - #} - $status = $req->parse; #parse - } else { + #copy params to hash + #my $body=$req->body(); + #if (defined $body){ + # for my $key (keys %$body){ + # $params->{scalar($key)}=scalar($req->param($key)); + # } + #} + $status = $req->parse; #parse + } else { + print STDERR "$0: require CGI\n"; + require "CGI.pm"; + $CGI::POST_MAX = $upload_limit; + $CGI::TMPDIRECTORY = $tmp_dir; + $cgi = new CGI(); + $status = $cgi->cgi_error() || $status; + my %params = $cgi->Vars(); + $params = \%params; + } - #print STDERR "CGI\n"; - $CGI::POST_MAX = $upload_limit; - $CGI::TMPDIRECTORY = $tmp_dir; - $cgi = new CGI(); - $status = $cgi->cgi_error() || 
$status; - my %params = $cgi->Vars(); - $params = \%params; - } - $cgi = new CGI() unless ( defined $cgi ); + $isJson = 1 if ( defined $params->{json} ) && ( $params->{json} eq '1' ); - $isJson = 1 if ( defined $params->{json} ) && ( $params->{json} eq '1' ); + if ( defined $status ) { + $status = '' if ( $status eq 'Success' ); + $status = '' if ( $status eq 'Missing input data' ); + print $cgi->header . $status . "\n" if ( $status ne '' ); + } - if ( defined $status ) { - $status = '' if ( $status eq 'Success' ); - $status = '' if ( $status eq 'Missing input data' ); - print $cgi->header . $status . "\n" if ( $status ne '' ); - } + #print STDERR Dumper($params); + #print $cgi->header.Dumper($params).$status; - #print STDERR Dumper($params); - #print $cgi->header.Dumper($params).$status; - - return ( $cgi, $params, $status ); + return ( $cgi, $params, $status ); } sub debug { - my $message = shift; + my $message = shift; } #do not delete last line! diff --git a/lib/calcms/uac.pm b/lib/calcms/uac.pm index 741814d..b675987 100644 --- a/lib/calcms/uac.pm +++ b/lib/calcms/uac.pm @@ -2,7 +2,6 @@ package uac; use warnings "all"; use strict; -use CGI(); use CGI::Session qw(-ip-match); use CGI::Cookie(); use Data::Dumper; diff --git a/website/agenda/add_comment.cgi b/website/agenda/add_comment.cgi index 04dff2e..61ef5c1 100755 --- a/website/agenda/add_comment.cgi +++ b/website/agenda/add_comment.cgi @@ -5,9 +5,6 @@ use diagnostics; use strict; use Data::Dumper; -use CGI qw(header param Vars escapeHTML uploadInfo cgi_error); -$CGI::POST_MAX=1024 * 100; - use params(); use config(); use db(); @@ -242,7 +239,7 @@ sub escape_text{ $s=~s/<[a-z\!\?\[\/][^\>]+?\>//gi; $s=~s/<[a-z\!\?\[\/]\>//gi; - $s=CGI::escapeHTML($s); + $s = markup::escapeHTML($s); $s=~s/[\n\r]+/\
/g; $s=~s/\
/\
\n/g; $s=~s/\
\s*$//g; diff --git a/website/agenda/aggregate.cgi b/website/agenda/aggregate.cgi index 35f5b20..891c370 100755 --- a/website/agenda/aggregate.cgi +++ b/website/agenda/aggregate.cgi 
@@ -3,167 +3,174 @@ use warnings "all"; use strict; -use CGI qw(header param Vars); +#use CGI qw(header param Vars); +use config(); +use params(); use db(); use events(); use time(); use aggregator(); use markup(); use log(); -use config(); if ( $0 =~ /aggregate.*?\.cgi$/ ) { - binmode STDOUT, ":encoding(UTF-8)"; + binmode STDOUT, ":encoding(UTF-8)"; - #(my $cgi, my $params, my $error)=params::get($r); - my $cgi = new CGI(); - my %params = $cgi->Vars(); - my $params = \%params; + my $params = {}; + my $r = shift; + #print STDERR ref($r)."\n"; + if ( ref($r) eq '' ) { + for my $arg (@ARGV) { + my ( $key, $value ) = split( /\=/, $arg, 2 ); + $params->{$key} = $value; + } + } else { + ( my $cgi, $params, my $error ) = params::get($r); + } - my $config = config::getFromScriptLocation(); + my $config = config::getFromScriptLocation(); - my $debug = $config->{system}->{debug}; - my $mem_debug = $config->{system}->{debug_memory}; - my $base_dir = $config->{locations}->{base_dir}; + my $debug = $config->{system}->{debug}; + my $mem_debug = $config->{system}->{debug_memory}; + my $base_dir = $config->{locations}->{base_dir}; - #my $cgi=new CGI(); - my $output_header = ''; - if ( exists $ENV{REQUEST_URI} && $ENV{REQUEST_URI} ne '' ) { - $output_header .= "Content-type:text/html; charset=UTF-8;\n\n"; - } + my $output_header = ''; + if ( exists $ENV{REQUEST_URI} && $ENV{REQUEST_URI} ne '' ) { + $output_header .= "Content-type:text/html; charset=UTF-8;\n\n"; + } - $params->{exclude_locations} = 1; - $params->{exclude_projects} = 1; - $params->{exclude_event_images} = 1; + $params->{exclude_locations} = 1; + $params->{exclude_projects} = 1; + $params->{exclude_event_images} = 1; - # $output_header.=''."\n"; - my $request = { - url => $ENV{QUERY_STRING}, - params => { - original => $params, - checked => aggregator::check_params( $config, $params ), - }, - }; - $params = $request->{params}->{checked}; + # $output_header.=''."\n"; + my $request = { + url => $ENV{QUERY_STRING}, + 
params => { + original => $params, + checked => aggregator::check_params( $config, $params ), + }, + }; + $params = $request->{params}->{checked}; - my $mem = 0; + my $mem = 0; - #get result from cache - my $cache = aggregator::get_cache( $config, $request ); + #get result from cache + my $cache = aggregator::get_cache( $config, $request ); - if ( ( defined $cache->{content} ) && ( $cache->{content} ne '' ) ) { - my $content = $cache->{content}; - print $output_header; - print $content; - return; - } + if ( ( defined $cache->{content} ) && ( $cache->{content} ne '' ) ) { + my $content = $cache->{content}; + print $output_header; + print $content; + return; + } - my $content = load_file( $base_dir . './index.html' ); - $content = $$content || ''; + my $content = load_file( $base_dir . './index.html' ); + $content = $$content || ''; - #replace HTML escaped calcms_title span by unescaped one - $content =~ s/\<\;span id\="\;calcms_title"\;\>\;[^\&]*\<\;\/span\>\;/\\<\/span\>/g; + #replace HTML escaped calcms_title span by unescaped one + $content =~ s/\<\;span id\="\;calcms_title"\;\>\;[^\&]*\<\;\/span\>\;/\\<\/span\>/g; - # print $content; + # print $content; - my $list = aggregator::get_list( $config, $request ); + my $list = aggregator::get_list( $config, $request ); - my $menu = { content => '' }; + my $menu = { content => '' }; - $list->{day} = '' unless defined $list->{day}; - $list->{day} = $params->{date} if ( defined $params->{date} ) && ( $params->{date} ne '' ); - $list->{day} = $params->{from_date} if ( defined $params->{from_date} ) && ( $params->{from_date} ne '' ); - $list->{day} = 'today' if $list->{day} eq ''; + $list->{day} = '' unless defined $list->{day}; + $list->{day} = $params->{date} if ( defined $params->{date} ) && ( $params->{date} ne '' ); + $list->{day} = $params->{from_date} if ( defined $params->{from_date} ) && ( $params->{from_date} ne '' ); + $list->{day} = 'today' if $list->{day} eq ''; - $menu = aggregator::get_menu( $config, 
$request, $list->{day}, $list->{results} ); + $menu = aggregator::get_menu( $config, $request, $list->{day}, $list->{results} ); - my $calendar = aggregator::get_calendar( $config, $request, $list->{day} ); - my $newest_comments = aggregator::get_newest_comments( $config, $request ); + my $calendar = aggregator::get_calendar( $config, $request, $list->{day} ); + my $newest_comments = aggregator::get_newest_comments( $config, $request ); - #my $newest_comments={}; - #db::disconnect($request) if (defined $request && defined $request->{connection}); - #print STDERR "$list->{project_title}\n"; + #my $newest_comments={}; + #db::disconnect($request) if (defined $request && defined $request->{connection}); + #print STDERR "$list->{project_title}\n"; - #build results list - my $output = {}; - $output->{calcms_menu} = \$menu->{content}; - $output->{calcms_list} = \$list->{content}; - $output->{calcms_calendar} = \$calendar->{content}; - $output->{calcms_newest_comments} = \$newest_comments->{content}; + #build results list + my $output = {}; + $output->{calcms_menu} = \$menu->{content}; + $output->{calcms_list} = \$list->{content}; + $output->{calcms_calendar} = \$calendar->{content}; + $output->{calcms_newest_comments} = \$newest_comments->{content}; - # $output->{calcms_categories} = load_file($base_dir.'/cache/categories.html'); - # $output->{calcms_series_names} = load_file($base_dir.'/cache/series_names.html'); - # $output->{calcms_programs} = load_file($base_dir.'/cache/programs.html'); + # $output->{calcms_categories} = load_file($base_dir.'/cache/categories.html'); + # $output->{calcms_series_names} = load_file($base_dir.'/cache/series_names.html'); + # $output->{calcms_programs} = load_file($base_dir.'/cache/programs.html'); - my $url = $list->{url}; - my $js = qq{ + my $url = $list->{url}; + my $js = qq{ set('preloaded','1'); set('last_list_url','$url'); }; - $content =~ s/\/\/\s*(calcms_)?preload/$js/; + $content =~ s/\/\/\s*(calcms_)?preload/$js/; - #insert 
results into page - for my $key ( keys %$output ) { - my $val = ${ $output->{$key} }; - my $start = index( $val, "" ); - if ( $start != -1 ) { - $val = substr( $val, $start + length('') ); - } - my $end = index( $val, "" ); - if ( $end != -1 ) { - $val = substr( $val, 0, $end ); - } - $content =~ s/(<(div|span)\s+id="$key".*?>).*?(<\/(div|span)>)/$1$val$3/g; - } + #insert results into page + for my $key ( keys %$output ) { + my $val = ${ $output->{$key} }; + my $start = index( $val, "" ); + if ( $start != -1 ) { + $val = substr( $val, $start + length('') ); + } + my $end = index( $val, "" ); + if ( $end != -1 ) { + $val = substr( $val, 0, $end ); + } + $content =~ s/(<(div|span)\s+id="$key".*?>).*?(<\/(div|span)>)/$1$val$3/g; + } - #replace whole element span with id="calcms_title" by value - $list->{project_title} = '' unless ( defined $list->{project_title} ); - $content =~ s/(<(div|span)\s+id="calcms_title".*?>).*?(<\/(div|span)>)/$list->{project_title}/g; + #replace whole element span with id="calcms_title" by value + $list->{project_title} = '' unless ( defined $list->{project_title} ); + $content =~ s/(<(div|span)\s+id="calcms_title".*?>).*?(<\/(div|span)>)/$list->{project_title}/g; - my $values = []; - for my $value ( $list->{'program'}, $list->{'series_name'}, $list->{'title'}, $list->{'location'}, $list->{'project_title'} ) { - next unless defined $value; - next if $value eq ''; - push @$values, $value; - } + my $values = []; + for my $value ( $list->{'program'}, $list->{'series_name'}, $list->{'title'}, $list->{'location'}, $list->{'project_title'} ) { + next unless defined $value; + next if $value eq ''; + push @$values, $value; + } - my $title = join( ' - ', @$values ); + my $title = join( ' - ', @$values ); - $content =~ s/()(.*?)(<\/title>)/$1$title$3/; + $content =~ s/(<title>)(.*?)(<\/title>)/$1$title$3/; - $js = ''; - if ( ( defined $list->{event_id} ) && ( $list->{event_id} ne '' ) ) { - $js .= 
qq{showCommentsByEventIdOrEventStart('$list->{event_id}','$list->{start_datetime}')}; - } + $js = ''; + if ( ( defined $list->{event_id} ) && ( $list->{event_id} ne '' ) ) { + $js .= qq{showCommentsByEventIdOrEventStart('$list->{event_id}','$list->{start_datetime}')}; + } - $content =~ s/startCalcms\(\)\;/$js/gi; + $content =~ s/startCalcms\(\)\;/$js/gi; - #replace link to uncompressed or compressed drupal (first link in <head>) - my @parts = split( /<\/head>/, $content ); - $parts[0] =~ s|/misc/jquery.js|/agenda_files/js/jquery.js|; - $parts[0] =~ s|/sites/default/files/js/[a-z0-9\_]+\.js|/agenda_files/js/jquery.js|; - $content = join( '</head>', @parts ); + #replace link to uncompressed or compressed drupal (first link in <head>) + my @parts = split( /<\/head>/, $content ); + $parts[0] =~ s|/misc/jquery.js|/agenda_files/js/jquery.js|; + $parts[0] =~ s|/sites/default/files/js/[a-z0-9\_]+\.js|/agenda_files/js/jquery.js|; + $content = join( '</head>', @parts ); - print $output_header; - print $content; + print $output_header; + print $content; - if ( $config->{cache}->{use_cache} eq '1' ) { - $cache->{content} = $content; - cache::save($cache); - } + if ( $config->{cache}->{use_cache} eq '1' ) { + $cache->{content} = $content; + cache::save($cache); + } - # $config=undef; - $content = undef; - $cache = undef; + # $config=undef; + $content = undef; + $cache = undef; } sub load_file { - my $filename = shift; - my $content = "cannot load '$filename'"; - open my $FILE, '<:utf8', $filename or return \$content; - $content = join( "", (<$FILE>) ); - close $FILE; - return \$content; + my $filename = shift; + my $content = "cannot load '$filename'"; + open my $FILE, '<:utf8', $filename or return \$content; + $content = join( "", (<$FILE>) ); + close $FILE; + return \$content; } diff --git a/website/agenda/cache/.htaccess b/website/agenda/cache/.htaccess index f9768da..372a2e2 100644 --- a/website/agenda/cache/.htaccess +++ b/website/agenda/cache/.htaccess 
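Review bot: When `ref($r) eq ''` the new block in aggregate.cgi fills `$params` only from `@ARGV` and never calls `params::get`. A plain CGI invocation (the `<IfModule !mod_perl.c>` handler in cache/programm/.htaccess suggests one is supported) would therefore appear to ignore query-string parameters such as `date` and `event_id` that the removed `$cgi->Vars()` used to supply. The hunk already uses `$ENV{REQUEST_URI}` to detect a web request, so the test could be `if ( ref($r) eq '' && !exists $ENV{REQUEST_URI} ) {`, leaving the `@ARGV` path to command-line runs. In the other branch the `$error` returned by `params::get($r)` is discarded. The unchanged `set('last_list_url','$url')` interpolates `$list->{url}` into a JavaScript string literal without escaping; whether that value can carry request data is not visible here and is worth confirming.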
@@ -1,3 +1,2 @@ -Order deny,allow -deny from all +Require all denied diff --git a/website/agenda/cache/programm/.htaccess b/website/agenda/cache/programm/.htaccess index 73b19b1..09f0c76 100644 --- a/website/agenda/cache/programm/.htaccess +++ b/website/agenda/cache/programm/.htaccess 
@@ -1,21 +1,19 @@ <IfModule mod_rewrite.c> -RewriteBase /programm + RewriteBase /programm -RewriteEngine on -RewriteCond %{REQUEST_FILENAME} -f -RewriteRule (.*) $1 [L] -RewriteCond %{REQUEST_FILENAME} -d -RewriteRule (.*) $1 [L] + RewriteEngine on + RewriteCond %{REQUEST_FILENAME} -f + RewriteRule (.*) $1 [L] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule (.*) $1 [L] -#controller - RewriteRule ^kalender/(\d{4}-\d{2}-\d{2})_(\d{4}-\d{2}-\d{2})\.html[\?]?(.*)$ /agenda/aggregate.cgi?from_date=$1&till_date=$2&$3 [L] - RewriteRule ^kalender/(\d{4}-\d{2}-\d{2})\.html[\?]?(.*)$ /agenda/aggregate.cgi?date=$1&$2 [L] - RewriteRule ^sendungen/(\d{4}-\d{2}-\d{2})\.html[\?]?(.*)$ /agenda/aggregate.cgi?date=$1&$2 [L] -# RewriteRule ^sendung/(\d+)\.html/[^&]*(&.*)?$ /agenda/aggregate.cgi?event_id=$1&$2 [L] - RewriteRule ^sendung/(\d+)\.html[\?]?(.*)$ /agenda/aggregate.cgi?event_id=$1&$2 [L] - RewriteRule ^sendung/serie_plus/(\d+)\.html[\?]?(.*)$ /agenda/aggregate.cgi?next_series=$1&$2 [L] - RewriteRule ^sendung/serie_minus/(\d+)\.html[\?]?(.*)$ /agenda/aggregate.cgi?previous_series=$1&$2 [L] -#controller end + RewriteRule ^kalender/(\d{4}-\d{2}-\d{2})_(\d{4}-\d{2}-\d{2})\.html[\?]?(.*)$ /agenda/aggregate.cgi?from_date=$1&till_date=$2&$3 [L] + RewriteRule ^kalender/(\d{4}-\d{2}-\d{2})\.html[\?]?(.*)$ /agenda/aggregate.cgi?date=$1&$2 [L] + RewriteRule ^sendungen/(\d{4}-\d{2}-\d{2})\.html[\?]?(.*)$ /agenda/aggregate.cgi?date=$1&$2 [L] + # RewriteRule ^sendung/(\d+)\.html/[^&]*(&.*)?$ /agenda/aggregate.cgi?event_id=$1&$2 [L] + RewriteRule ^sendung/(\d+)\.html[\?]?(.*)$ /agenda/aggregate.cgi?event_id=$1&$2 [L] + RewriteRule ^sendung/serie_plus/(\d+)\.html[\?]?(.*)$ /agenda/aggregate.cgi?next_series=$1&$2 [L] + RewriteRule ^sendung/serie_minus/(\d+)\.html[\?]?(.*)$ /agenda/aggregate.cgi?previous_series=$1&$2 [L] </IfModule> Options -Indexes +FollowSymLinks +MultiViews +ExecCGI 
@@ -30,9 +28,8 @@ Options -Indexes +FollowSymLinks +MultiViews +ExecCGI </IfModule> <IfModule !mod_perl.c> - AddHandler cgi-script .cgi .pl + AddHandler cgi-script .cgi .pl </IfModule> -#Order allow,deny -#allow from all Require all granted + diff --git a/website/agenda/cal.cgi b/website/agenda/cal.cgi index 558ba67..7bbd657 100755 --- a/website/agenda/cal.cgi +++ b/website/agenda/cal.cgi @@ -4,10 +4,6 @@ use warnings "all"; use strict; -use CGI qw(header param Vars); -$CGI::POST_MAX = 1000; -$CGI::DISABLE_UPLOADS = 1; - use Data::Dumper; use params(); use config(); diff --git a/website/agenda/category.cgi b/website/agenda/category.cgi index 7e6ba91..d97d7f5 100755 --- a/website/agenda/category.cgi +++ b/website/agenda/category.cgi @@ -3,9 +3,6 @@ use strict; use warnings; use Data::Dumper; -use CGI qw(header param Vars); -$CGI::POST_MAX = 1000; -$CGI::DISABLE_UPLOADS = 1; use params(); use db(); diff --git a/website/agenda/comments.cgi b/website/agenda/comments.cgi index c750458..9de872b 100755 --- a/website/agenda/comments.cgi +++ b/website/agenda/comments.cgi @@ -2,9 +2,6 @@ use warnings "all"; use strict; -use CGI qw(header param Vars); -$CGI::POST_MAX = 1000; -$CGI::DISABLE_UPLOADS = 1; use Data::Dumper; diff --git a/website/agenda/config/.htaccess b/website/agenda/config/.htaccess index b2f8f32..b66e808 100644 --- a/website/agenda/config/.htaccess +++ b/website/agenda/config/.htaccess @@ -1,3 +1 @@ -Order deny,allow -deny from all -Require all granted +Require all denied diff --git a/website/agenda/events.cgi b/website/agenda/events.cgi index c082433..989cd00 100755 --- a/website/agenda/events.cgi +++ b/website/agenda/events.cgi @@ -6,11 +6,6 @@ no warnings 'redefine'; use Data::Dumper; -use DBI; -use CGI qw(header param Vars); -$CGI::POST_MAX = 1000; -$CGI::DISABLE_UPLOADS = 1; - use params(); use config(); use log(); diff --git a/website/agenda/planung/assign_series.cgi b/website/agenda/planung/assign_series.cgi index 0b34f3c..19d0dc2 100755 
--- a/website/agenda/planung/assign_series.cgi +++ b/website/agenda/planung/assign_series.cgi @@ -30,7 +30,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( !defined $user ) || ( $user eq '' ); #print STDERR $params->{project_id}."\n"; diff --git a/website/agenda/planung/assignments.cgi b/website/agenda/planung/assignments.cgi index 35e773c..bec6c26 100755 --- a/website/agenda/planung/assignments.cgi +++ b/website/agenda/planung/assignments.cgi @@ -31,7 +31,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); #print STDERR $params->{project_id}."\n"; diff --git a/website/agenda/planung/audio_recordings.cgi b/website/agenda/planung/audio_recordings.cgi index 790834a..c036841 100755 --- a/website/agenda/planung/audio_recordings.cgi +++ b/website/agenda/planung/audio_recordings.cgi @@ -45,7 +45,7 @@ my $fh = undef; $CGI::Simple::POST_MAX = $uploadLimit; $CGI::Simple::DISABLE_UPLOADS = 0; -$cgi = $cgi = CGI::Simple->new; +$cgi = CGI::Simple->new; my $filename = $cgi->param('upload'); $fh = $cgi->upload($filename); $error = $cgi->cgi_error() || ''; @@ -55,7 +55,7 @@ my $params = \%params; binmode $fh if defined $fh; #print "Content-type:text/html; charset=UTF-8;\n\n"; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); exit if ( !defined $user ) || ( $user eq '' ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/calendar.cgi b/website/agenda/planung/calendar.cgi index 641aece..e46ff71 100755 --- a/website/agenda/planung/calendar.cgi 
+++ b/website/agenda/planung/calendar.cgi @@ -36,7 +36,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( !defined $user ) || ( $user eq '' ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/comment.cgi b/website/agenda/planung/comment.cgi index e11c02a..ca9dc05 100755 --- a/website/agenda/planung/comment.cgi +++ b/website/agenda/planung/comment.cgi @@ -31,7 +31,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( !defined $user ) || ( $user eq '' ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/create_events.cgi b/website/agenda/planung/create_events.cgi index 85d11bc..b19e2d1 100755 --- a/website/agenda/planung/create_events.cgi +++ b/website/agenda/planung/create_events.cgi @@ -25,7 +25,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); #print STDERR $params->{project_id}."\n"; diff --git a/website/agenda/planung/event.cgi b/website/agenda/planung/event.cgi index 87cef7f..37f5dd5 100755 --- a/website/agenda/planung/event.cgi +++ b/website/agenda/planung/event.cgi 
@@ -39,7 +39,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/event_history.cgi b/website/agenda/planung/event_history.cgi index 52f52ec..53c616f 100755 --- a/website/agenda/planung/event_history.cgi +++ b/website/agenda/planung/event_history.cgi @@ -30,7 +30,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( $config, { user => $user, studio_id => $params->{studio_id} } ); diff --git a/website/agenda/planung/help.cgi b/website/agenda/planung/help.cgi index 81c8c9b..5ccf7c5 100755 --- a/website/agenda/planung/help.cgi +++ b/website/agenda/planung/help.cgi @@ -24,7 +24,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/image.cgi b/website/agenda/planung/image.cgi index c04d8bb..7187ebb 100755 --- a/website/agenda/planung/image.cgi +++ b/website/agenda/planung/image.cgi @@ -8,7 +8,6 @@ use Data::Dumper; use File::stat(); use Time::localtime(); -use CGI::Simple(); use URI::Escape(); use time(); 
@@ -31,11 +30,10 @@ binmode STDOUT, ":utf8"; my $r = shift; ( my $cgi, my $params, my $error ) = params::get($r); -$CGI::POST_MAX = 1024 * 10; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/imageUpload.cgi b/website/agenda/planung/imageUpload.cgi index e03fb94..ca51a8c 100755 --- a/website/agenda/planung/imageUpload.cgi +++ b/website/agenda/planung/imageUpload.cgi @@ -74,7 +74,7 @@ if ( defined $r ) { $params = \%params; } print "Content-type:text/html; charset=UTF-8;\n\n"; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/localization.cgi b/website/agenda/planung/localization.cgi index 07212c6..f4b078f 100755 --- a/website/agenda/planung/localization.cgi +++ b/website/agenda/planung/localization.cgi @@ -20,7 +20,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( $user eq '' ); my $request = { diff --git a/website/agenda/planung/notify_events.cgi b/website/agenda/planung/notify_events.cgi index b2d9612..22bfa2e 100755 --- a/website/agenda/planung/notify_events.cgi +++ b/website/agenda/planung/notify_events.cgi 
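Review bot: In imageUpload.cgi the response header block is closed by `print "Content-type:text/html; charset=UTF-8;\n\n";` before `auth::get_user( $config, $params, $cgi )` runs, while create_cookie in auth.pm emits `Set-Cookie:` with a plain `print`. As far as these hunks show, a login posted to this script would put the session cookie line into the response body rather than the headers, so the cookie is not set and the session id appears in the page. Calling `auth::get_user` before the Content-type line, as playout.cgi does, keeps the cookie in the header block. The script body starts and ends outside the hunk.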
@@ -28,7 +28,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/playout.cgi b/website/agenda/planung/playout.cgi index 737c343..342a7d6 100755 --- a/website/agenda/planung/playout.cgi +++ b/website/agenda/planung/playout.cgi @@ -33,7 +33,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); print "Content-type:text/html; charset=UTF-8;\n\n"; diff --git a/website/agenda/planung/projects.cgi b/website/agenda/planung/projects.cgi index 3b5fec0..0cfc923 100755 --- a/website/agenda/planung/projects.cgi +++ b/website/agenda/planung/projects.cgi @@ -21,7 +21,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( $user eq '' ); my $permissions = roles::get_user_permissions($config); diff --git a/website/agenda/planung/roles.cgi b/website/agenda/planung/roles.cgi index 46b362c..f90c7e8 100755 --- a/website/agenda/planung/roles.cgi +++ b/website/agenda/planung/roles.cgi @@ -22,7 +22,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); our $actions = { 
diff --git a/website/agenda/planung/selectEvent.cgi b/website/agenda/planung/selectEvent.cgi index 76aad4f..623b092 100755 --- a/website/agenda/planung/selectEvent.cgi +++ b/website/agenda/planung/selectEvent.cgi @@ -21,7 +21,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/selectSeries.cgi b/website/agenda/planung/selectSeries.cgi index d75bce7..c723603 100755 --- a/website/agenda/planung/selectSeries.cgi +++ b/website/agenda/planung/selectSeries.cgi @@ -20,7 +20,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/series.cgi b/website/agenda/planung/series.cgi index 7064986..dc9d4d6 100755 --- a/website/agenda/planung/series.cgi +++ b/website/agenda/planung/series.cgi @@ -33,7 +33,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); #print STDERR $params->{project_id}."\n"; diff --git a/website/agenda/planung/show-playout.cgi b/website/agenda/planung/show-playout.cgi index bc6eedf..f2aa6f2 100755 --- a/website/agenda/planung/show-playout.cgi +++ b/website/agenda/planung/show-playout.cgi @@ -6,7 +6,6 @@ use warnings; use strict; use Data::Dumper; -use CGI::Simple (); use ModPerl::Util (); use config; 
@@ -25,7 +24,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); #print STDERR $params->{project_id}."\n"; diff --git a/website/agenda/planung/showImage.cgi b/website/agenda/planung/showImage.cgi index a54a6cc..df610ca 100755 --- a/website/agenda/planung/showImage.cgi +++ b/website/agenda/planung/showImage.cgi @@ -22,7 +22,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/studio_timeslots.cgi b/website/agenda/planung/studio_timeslots.cgi index 72e8888..915076c 100755 --- a/website/agenda/planung/studio_timeslots.cgi +++ b/website/agenda/planung/studio_timeslots.cgi @@ -29,7 +29,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/studios.cgi b/website/agenda/planung/studios.cgi index 5f3aef2..9dd8724 100755 --- a/website/agenda/planung/studios.cgi +++ b/website/agenda/planung/studios.cgi 
@@ -21,7 +21,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( $user eq '' ); my $permissions = roles::get_user_permissions($config); diff --git a/website/agenda/planung/user_settings.cgi b/website/agenda/planung/user_settings.cgi index be5e14c..f3e2fd4 100755 --- a/website/agenda/planung/user_settings.cgi +++ b/website/agenda/planung/user_settings.cgi @@ -20,7 +20,7 @@ my $r = shift; ( my $cgi, my $params, my $error ) = params::get($r); my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/user_stats.cgi b/website/agenda/planung/user_stats.cgi index a51c1ee..1457344 100755 --- a/website/agenda/planung/user_stats.cgi +++ b/website/agenda/planung/user_stats.cgi @@ -22,7 +22,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( diff --git a/website/agenda/planung/users.cgi b/website/agenda/planung/users.cgi index 4b786fe..dc90d4b 100755 --- a/website/agenda/planung/users.cgi +++ b/website/agenda/planung/users.cgi 
@@ -19,7 +19,7 @@ my $r = shift; ( my $cgi, my $params, my $error ) = params::get($r); my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); my $user_presets = uac::get_user_presets( $config, diff --git a/website/agenda/planung/work_time.cgi b/website/agenda/planung/work_time.cgi index 0b0b8e8..b2ab21e 100755 --- a/website/agenda/planung/work_time.cgi +++ b/website/agenda/planung/work_time.cgi @@ -28,7 +28,7 @@ my $r = shift; my $config = config::get('../config/config.cgi'); my $debug = $config->{system}->{debug}; -my ( $user, $expires ) = auth::get_user( $cgi, $config ); +my ( $user, $expires ) = auth::get_user( $config, $params, $cgi ); return if ( ( !defined $user ) || ( $user eq '' ) ); #print STDERR $params->{project_id}."\n"; diff --git a/website/agenda/series_names.cgi b/website/agenda/series_names.cgi index 98b4111..411e945 100755 --- a/website/agenda/series_names.cgi +++ b/website/agenda/series_names.cgi @@ -7,10 +7,6 @@ use warnings "all"; use strict; use Data::Dumper; -use CGI qw(header param Vars); -$CGI::POST_MAX = 1000; -$CGI::DISABLE_UPLOADS = 1; - use params(); use db(); use markup(); diff --git a/website/agenda/upload_playout.cgi b/website/agenda/upload_playout.cgi index cb7737e..a27c556 100755 --- a/website/agenda/upload_playout.cgi +++ b/website/agenda/upload_playout.cgi @@ -3,10 +3,6 @@ use warnings "all"; use strict; -use CGI qw(header param Vars); -$CGI::POST_MAX = 1000; -$CGI::DISABLE_UPLOADS = 1; - use Data::Dumper; use JSON();